Monthly Archives: November 2014

Securitas wins contract for security and stewarding solutions at TRANSEC 2014

The organisers of Transport Security Expo (TRANSEC) 2014 have awarded Securitas the contract to deliver security and stewarding services throughout the event, which takes place at London’s Olympia on 2-3 December.

Securitas has been appointed to oversee the safe build-up and breakdown of the show and to ensure both exhibitors and visitors have a pleasant and trouble-free experience at the popular annual event.

Over 4,500 visitors are expected to attend the two-day show and Securitas personnel will be on hand to welcome them and help with any queries. Security Industry Authority-licensed security officers will also be placed at strategic locations throughout the venue to provide a physical and reassuring presence.

Transport Security Expo 2014 runs at London's Olympia from 2-3 December

Transport Security Expo 2014 runs at London’s Olympia from 2-3 December

Last year, TRANSEC attracted a record-breaking 3,500 visitors from 88 countries. The organisers are upping the ante in 2014 to attract even more visitors by welcoming over 150 exhibitors from across the globe as well as 75 of the world’s leading conference speakers. On top of that there are workshops, live demonstrations and Innovation Hubs.

Securitas’ UK managing director and Country President Brian Riis Nielsen said: “Following our successful security role at IFSEC International 2014, we are once again delighted to have been chosen to safeguard exhibitors and visitors to this year’s Transport Security Expo. As well as providing 24-hour cover throughout the build-up, during the event itself and its breakdown, we’ll be helping to ensure correct Health and Safety procedures are followed and providing overnight stand security to those exhibitors who request such a service.”

Brian Riis Nielsen: Country President and UK md at Securitas

Brian Riis Nielsen: Country President and UK md at Securitas

During the exhibition, Securitas experts from the aviation and maritime transport sectors will be on hand on Stand G22 to give advice on the company’s wide range of complete security solutions specifically designed to meet the needs of each.

Monika Luis, event director for Transport Security Expo 2014, added: “We’re delighted to work with a global knowledge leader in security such as Securitas and have its support as an exhibitor at Transport Security Expo 2014. The decision to award Securitas the contract to deliver security and stewarding services to the event was an easy one to make based on the quality and reputation of the company. I’m confident that the 22 country delegations, Government officials and all visitors and exhibitors will be in safe hands throughout the show.”

Leave a comment

Filed under Risk UK News

‘Security Integration moves beyond PSIM’ (by John Davies, md, TDSi)

In a guest blog for Risk UK’s readers, John Davies reviews developments that have been taking place beyond the initial hype around Physical Security Information Management (PSIM) and how the integration of physical and information security is now offering benefits in the real world.

A few years ago, PSIM – the acronym for Physical Security Information Management – became a popular ‘buzzphrase’ in both the physical and logical security sectors. In its broadest sense, the term sought to describe the increasing unification between IT security and physical security systems which really became inevitable given the increased adoption of IP services throughout the business world and, indeed, society as a whole.

In the case of physical security, this phenomenon has revolutionised the approach the industry takes to its products and services. Manufacturers, specifiers and installers have had to adapt and evolve to meet the expectations of the market (and, in many cases, the wider public).

However, the security sector as a whole has moved on and the expectation of an IP connection is now simply a basic necessity rather than a defining characteristic.

Full integration between often complex and crucial systems is now the goal of security operators and providers alike. Paradoxically, while the technology is undoubtedly becoming more and more complex, the overall goal is to provide operators and installers with solutions that are actually simpler to use and install.

John Davies: managing director at TDSi

John Davies: managing director at TDSi

Bringing together all of the elements

PSIM has been highly successful in bringing together physical and logical security systems, but the expectations placed on integration have also grown significantly. The security market now demands more joined-up physical security technology.

Common integration components include:
• Access control (physical locks and doors)
• CCTV systems
• Intruder alarms
• Firefighting systems
• Building services controls (including environmental systems and lifts)
• Centralised business systems (and Schools Information Management Systems)
• HR systems

While physical and logical security were traditionally isolated from one another, so too were many of the individual physical security and management applications. The inability of these various facets to work directly together was a frustration when it was clear that the overall management of a facility could be enhanced and made considerably simpler and more efficient by doing so.

Bringing together the various elements has been made achievable by two improvements: the ability of many security and management systems to be connected to a universal Internet connection and the development of systems and software capable of administering and simplifying the operator’s task of running multiple functions from a single portal.

True security integration has only really been made possible with the advent of systems which are highly compatible with one another (often using shared/agreed standardised protocols) and offer the ability to network these previous disparate elements. The second hurdle has been to understand the popular standards and create software systems able to bring the strands together as a whole.

Continuous surveillance and control of facilities

While security systems are traditionally used to combat intruders and protect against attacks or thefts, some organisations actually face a substantial threat from what’s sometimes termed ‘insider theft’. Modern integrated security systems can be used as an effective deterrent against such threats.

Take the example of a busy warehouse. With items being moved in and out on a rapid basis, it can be easy for a worker to remove items (especially small ones) without necessarily being noticed by colleagues or human security operators. In this example, CCTV surveillance may not be enough to detect a problem in standalone mode. However, in combination with an integrated stocktaking system and monitoring of access to the facility it’s much easier to investigate unaccounted losses and to check video footage for the missing items. Equally, it can be a powerful tool to defend the honesty of staff members where there is suspicion or doubt.

Visual verification: monitoring of staff movements

With a truly integrated combination of security and business/building control systems there are fresh opportunities to use these existing investments. A good example is the administration of facilities management resources. Visual verification from CCTV and security software systems can be used to monitor the movements of authorised staff as well as intruders.

A practical application for this could be the intelligent use of environmental temperature control and lighting. An integrated security system can detect the use of designated areas within a facility and intelligently manage the use of resources – and especially outside normal working hours – to reduce any wastage in unoccupied areas.

Equally, this visual verification technology could be used to monitor human and vehicular traffic around a facility and analyse any congestion or influence planning decisions.

Emergency situations and fires

Integrated systems can also play an important role with regards to the safety of people on site. Fire alarms are far from a new technology, but when used in combination with all the other buildings control systems, the combined solution can play a vital role in safety.

In the event of a fire the alarm will probably be the first system to activate. In a modern integrated system this can alert the security team and, if required, automatically escalate the warning to the emergency services.

Proactively, it can automatically restrict access to dangerous parts of the building and consult HR records or check ID restricted access logs to see who has entered and left the facility. This provides a more accurate account for the emergency services and security teams to assess the situation.

CCTV systems can then be used to assess whether people are trapped within the facility and even to investigate dangerous areas and the spread of the emergency without putting lives at risk.

Time and attendance: shift-based business models

For organisations that run strict time-keeping and shift-based business models, security systems can be used to administer accurate time and attendance recording and secure access control records when staff enter or leave a facility as well as enforce security.

It can also measure when staff visit different parts of the facility (for example the WC or food service areas) to ascertain an accurate record of the actual working patterns.

When linked to CCTV and logical access of IT systems, the HR Department or security system operators can see exactly what’s happening.

Using legacy systems and offering the best ROI

Intelligently installed integrated physical security systems can offer an attractive return on investment. First, they allow the ‘mix and match’ purchase of systems to best suit requirements and budgets. Second, they also permit the use of existing legacy systems and the inclusion of components that are either very specific to their role or, from a financial standpoint, would be problematic to replace.

A good example is the use of CCTV cameras where the best solution may be a healthy mix of modern megapixel cameras are other legacy or specific environment systems. In the past, it would have been harder to use different specifications of camera on the same network but integrated systems are specifically designed to cater for this eventuality.

Integrated systems: greater flexibility than ever before

While PSIM has undoubtedly bridged the gap between physical and logical security, the developments that have taken place since have arguably been more helpful to security operators and installers. The connection of physical security to IP-based systems was a vital development in the security industry as a whole, but the synergy between physical systems is bringing the evolution of truly self-aware solutions even closer.

Traditionally, organisations and installers dealt with a complete solution which was mutually exclusive to other solutions and offered little in the way of upgrades and evolution options. Making any changes required serious contemplation and often involved large budgetary commitments that were usually untenable.

The combination of physical security and IP systems has also radically altered the installer market. Installation specialists increasingly have to understand both IT and physical security disciplines in order to offer the best solutions for their clients. The trade-off is that, as an industry, the security sector is able to grow and offer exactly the solutions that customers require.

Those customers now have greater control over their investments and a greater confidence that it’s a wise investment in a wider economic landscape that will help achieve sustained growth.

John Davies is managing director at security solutions specialist TDSi

Leave a comment

Filed under Risk UK News

Hanwha Group acquires shares of Samsung Techwin

An agreement has been signed which will see the controlling shareholders of Samsung Techwin (including Samsung Electronics, Samsung C&T and other Samsung Group affiliates) sell their holding stakes in Samsung Techwin to the Hanwha Group.

“Hanwha Group’s investment in Samsung Techwin will enable us to continue researching, designing and developing innovative market-leading solutions that will create new business opportunities and ensure our future growth,” said Jong Wan Lim, managing director of the Security Solutions division at Samsung Techwin Europe Ltd.

“Customers can be assured that it’s ‘business as usual’ and that there will be absolutely no disruption to the supply of products or to the normal high levels of pre- and post-sales support that our customers have come to expect from Samsung Techwin.”

The controlling shareholders of Samsung Techwin (including Samsung Electronics, Samsung C&T and other Samsung Group affiliates) are to sell their holding stakes in Samsung Techwin to the Hanwha Group

The controlling shareholders of Samsung Techwin (including Samsung Electronics, Samsung C&T and other Samsung Group affiliates) are to sell their holding stakes in Samsung Techwin to the Hanwha Group

The transaction is expected to be completed during the first half of 2015, subject to approval from anti-trust regulatory authorities in relevant jurisdictions.

Founded in 1952, the Hanwha Group is a global leader in a broad range of businesses spanning the spectrum of manufacturing, construction, finance, services and the leisure industry. Taken together, the Group’s 52 domestic and 90 overseas affiliates provide a multitude of customers around the globe with premier products and services.

In 2013, the Hanwha Group achieved total revenues of US$35.13 billion while its assets were valued at approximately US$117.4 billion.

Leave a comment

Filed under Risk UK News

Standard protecting food from malicious and deliberate attack revised by BSI

BSI has revised its PAS (Publicly Available Specification) that safeguards food and drink against malicious tampering. PAS 96 Defending Food and Drink was first published in 2008 as a guide to Hazard Analysis Critical Control Point (HACCP) which identifies and manages risks in supply chains.

The food and drinks industry is used to handling natural errors or mishaps within the food supply chain, but the threat of deliberate attack – although not new – is growing with the changing political climate. Ideological groups can see this as an entry point to commit sabotage or further criminal activity.

Therefore, the impacts of threats to the food supply chain are great. They can include direct losses when responding to acts of sabotage or paying compensation to affected producers and suppliers, customers and distributors. Trade embargoes may be imposed by trading partners and longer term reputational damage may occur as a result of an attack.

David Fatscher, head of market development for sustainability at BSI, explained: “It’s not just events such as the horse meat scandal and the subsequent Elliot Review that realise a need for clarity in the food supply chain. As issues such as ‘Food Terrorism’ become more of a reality, businesses need to be extra vigilant and confident that they’ve set up the basic practices on keeping their supply chains ‘sabotage free-. PAS 96 was specifically designed to minimise the risks associated with deliberate attack, enabling businesses to stay one step ahead and not suffer damage to their reputations.”

BSI has revised PAS 96

BSI has revised PAS 96

The revision of PAS 96 includes the introduction of the Threat Assessment Critical Control Points (TACCP) risk management methodology. The TAACP process will help businesses of all sizes avoid and mitigate threats to their food supply chain.

The development of PAS 96 was sponsored by the Department for the Environment, Food and Rural Affairs (Defra) and the Food Standards Agency.

What PAS 96 can do

• Introduce the TAACP process
• Offer scenarios on how TAACP may be applied in existing businesses
• Provide guidance to food business managers through approaches and procedures to improve the resilience of supply chains to fraud or other forms of attack
• Aim to assure the authenticity of food by minimising the chance of an attack and mitigating the consequences of a successful attack

PAS 96 will benefit all organisations, but may be of particular use to managers of small and medium-sized food enterprises who may not have easy access to specialist advice. It’s of value to those involved in manufacturing, purchasing, supplying and selling food products.

David Fatscher of BSI

David Fatscher: head of market development for sustainability at BSI

Some of the organisations involved in the development of PAS 96 have included Agrico UK Limited, the Department for Environment, Food & Rural Affairs (Defra), the Food Standards Agency, the Global Food Security Programme, Heineken UK, J Sainsbury plc, McDonald’s Europe and Tesco.

Other businesses involved in the standard’s development are Bakkavor, Cargill, GIST Limited, Hilton Food Group plc, Leatherhead Food Research, Raspberry Blonde and SSAFE.

Leave a comment

Filed under Risk UK News

Axis Security appoints Chris Wisely to new managing director’s role

Chris Wisely has been promoted from head of operations to the newly-created role of managing director at Axis Security (part of the Axis Group of security, reception management and cleaning and support services companies). Wisely will report to Group CEO Jonathan Levine.

Wisely has worked in the security industry for more than 20 years and joined Axis Security in 2009 as finance director before progressing to the head of operations role in 2012.

In the five years he has been with the business, Wisely has worked with the senior management team in further strengthening the company’s operations, including the launch of its bespoke online portal – Axis e-Connect – giving customers easy access to live reports, documentation and information about their portfolio.

Wisely has also overseen a significant investment in employee training and played a key role in creating specialist teams to manage recruitment, training, compliance, contract mobilisation and Health and Safety.

Chris Wisely: the new managing director at Axis Security

Chris Wisely: the new managing director at Axis Security

Jonathan Levine believes the appointment comes at an exciting time for the business, and reflects how far the company has come in such a comparatively short space of time.

“Axis Security has an enviable reputation in the industry,” said Levine. “With a record Approved Contractor Scheme audit, our track record is one that’s built firmly on quality. We will continue to focus on delivering the finest services to our customers while supporting our employees to be the best they can be in their respective roles.”

As managing director, a key focus for Wisely will be redefining the company’s vision and the business strategy required to deliver that vision. “We want to be viewed as the leading provider of security services in key sectors and geographies, so it’s important that we are known more widely,” urged Wisely.

“We also want to be known as the best employer in the industry and have made great strides in developing a comprehensive training programme for our officers and management staff, in turn allowing us to develop and retain the best people at all levels.”

Leave a comment

Filed under Risk UK News

Corps Security celebrates succession of major contract wins

Specialist security solutions provider Corps Security is celebrating after confirming a number of prestigious new account wins which have seen the company smash its annual sales target in the first six months of the business’ financial year.

With business confidence sweeping back into the UK security sector, Corps Security’s success mirrors the findings of a study earlier this year published by market analyst Plimsoll which found that half of the security companies questioned are increasing sales and improving profits, with a significant proportion of them delivering growth rates of up to 8%.

Corps Security’s most recent contract wins emanate from organisations in a range of diverse sectors including banking and finance and local Government, as well as a world famous art institute.

The company’s highly trained and skilled security officers have also been deployed at the Wellcome Trust’s London headquarters to protect one of the leading global charitable foundations which is dedicated to achieving extraordinary improvements when it comes to both human and animal health. Indeed, the important work conducted by the Trust currently includes enabling an international consortium to accelerate the development of an Ebola vaccine.

Peter Webster: CEO at Corps Security

Peter Webster: CEO at Corps Security

Also in the healthcare sector, Guy’s and St Thomas’ NHS Foundation Trust is benefiting from having Corps Security’s personnel as part of its on-site team. Corps Security won this contract after taking part in a competitive tender process with six other security providers, all of whom are part of the London Procurement Partnership framework.

In addition to physical security, Corps Security is responsible for supplying a range of patient supervisory services to protect doctors, nurses and patients in acute care, as well as ensuring that those individuals receiving treatment do not harm themselves. This is a particularly sensitive area and the company’s officers are given specialist training to ensure that they can operate under these types of extreme circumstances.

Fully-integrated solutions for end users

As is the case with all of its contract wins, Corps Security is able to demonstrate an ability to provide the highest levels of service and value for money. Customer feedback suggests that this is thanks to the company’s unique corporate structure and ability to develop a fully integrated solution for the end user that reduces spend and enhances protection by cost-effectively and efficiently combining the use of physical security with surveillance technology and remote monitoring.

Corps Security's dedicated Support Centre provides vital services for end user customers

Corps Security’s dedicated Support Centre provides vital services for end user customers

Nik Flytzanis, Corps Security’s business development manager, is convinced that the company’s recent success is also due to organisations across all vertical sectors recognising the importance of using specialist providers rather than those offering ‘bundled’ services.

“Security is quite unlike any other service,” said Flytzanis. “Due to our clear focus and dedication to this field, we are able to provide a comprehensive solution that always meets our customers’ bespoke needs. I’m delighted that we’re now able to offer our expertise to prestigious organisations such as the Wellcome Trust and Guy’s and St Thomas’ NHS Foundation Trust, both of whom I’m fully confident will benefit enormously from our uniquely ethical and innovative approach to service delivery.”

Nik Flytzanis of Corps Security

Nik Flytzanis: business development manager at Corps Security

Leave a comment

Filed under Risk UK News

UK businesses “sleepwalking” into reputational time bomb

According to research conducted by BSI, the business standards company, UK businesses are at risk of sleepwalking into a reputational time bomb due to a lack of awareness on how to protect their data assets. As cyber hackers become more complex and sophisticated in their methods, UK organisations are being urged to strengthen their security systems in order to protect both themselves and consumers.

The BSI survey of IT decision-makers1 finds that cyber security is a growing concern, with over half (56%) of UK businesses being more concerned about this issue than was the case 12 months ago. Seven-in-10 (70%) attribute this to hackers becoming more skilled and better at targeting businesses.

However, while the majority (98%) of organisations have taken steps to minimise risks to their information security, only 12% are extremely confident about the security measures they have in place to defend against these attacks.

Worryingly, IT directors appear to have accepted the risks posed to their information security, with nine-in-10 (91%) admitting their organisation has been the victim of a cyber attack at some point. Around half have experienced an attempted hack and/or suffered from malware (49% in both instances). Around four-in-ten (42%) have experienced the installation of unauthorised software by trusted insiders, while nearly one third (30%) report having suffered from a loss of confidential information.

Managing risks: key to protecting data assets

Despite confidence in the security measures they have in place, three-in-five (60%) of those organisations surveyed have not provided staff with information security training. Over a third (37%) haven’t installed anti-virus software and only just under half (49%) monitor their user’s access to applications, computers and software.

Conversely, organisations that have implemented ISO 27001 – the international Information Security Management System Standard – are more conscious about potential cyber attacks than those who haven’t (56% versus 12%). As such, 52% of organisations with ISO 27001 already implemented are extremely confident about their level of resilience against the latest methods of cyber hacking.

Maureen Sumner Smith: UK managing director at BSI

Maureen Sumner Smith: UK managing director at BSI

“The research reveals that businesses who can identify threats are more aware of them,” said Mike Edwards, information security specialist and tutor at BSI. “Our experience confirms this. We know that organisations with ISO 27001 in place can better identify the threats and vulnerabilities posed to their information security and put in place appropriate controls designed to manage and mitigate risk.”

Consumers looking to organisations that go ‘above and beyond’

As consumers are now spending more and more of their time and money online, so their vulnerability to cyber attacks is increasing. A recent survey2 showed that nearly half of consumers questioned had suffered from a cyber attack/crime event, yet only 4% have stopped using online services to reduce the risks.

Consumers are looking to companies for protection, who in turn need to safeguard themselves and their customers’ data. However, there’s an inherent lack of trust from consumers on how their data is handled by organisations, with one third of those questioned admitting they don’t trust organisations with their data.

On the other hand, there’s a level of acceptance that nothing online will ever be wholly safe, leading to a false sense of security that: ‘This will not happen to me’ among those who have not suffered from a cyber attack/crime.

Maureen Sumner Smith, UK managing director at BSI, explained: “Consumers want their information to be confidential and not shared or sold. Those who want to be reassured that their data is safe and secure are looking to organisations willing to go the extra mile to protect and look after their data.”

Sumner Smith continued: “Best Practice security frameworks, such as ISO 27001 and easily recognisable consumer icons like the BSI Kitemark for Secure Digital Transactions can help organisations benefit from increased sales, fewer security breaches and protected reputations. Our research shows that the onus is very much on businesses to wake up and take responsibility if they want to continue to be profitable and protect their brand reputations.”

References
1Research interviews conducted with 200 IT decision-makers in UK businesses employing between 250 and 1,000 members of staff. Interviews carried out in October 2014 by Vanson Bourne
2Consumer research involving 1,589 UK adults. Conducted in September 2014 by Opinion Matters

Leave a comment

Filed under Risk UK News

CrowdControlHQ: “IT directors ignore social media risks at their peril”

Marc Harris (Chief Technical Officer at CrowdControlHQ) examines the issues facing IT directors from the use of social media.

Many IT directors operate their own personal Facebook and LinkedIn accounts. However, when it comes to corporate social media they pass responsibility for management of same to the Marketing Department. Are they doing so at their peril?

Let me start with the elephant in the room, namely the role of the IT director. After an extensive IT career in the media, telecommunication and technology sectors recent experience has led me to conclude that social media needs to be firmly at the top of the priority list of every IT director.

In my current role, I see at first hand the impact of reputational damage realised by both internal and external sources through the use of social media, and find it surprising how few IT directors are willing to discuss the issues or attend conferences on the subject. Perhaps they feel an unwelcome interference or ‘elbowed out’ by this new communication channel which has evolved extensively under the umbrella of marketing?

In future, the organisations succeeding in the social media space will have Marketing and IT Departments working seamlessly together to tackle the issues. The ‘DNA’ of IT makes it the most qualified department to deal with some of the risk issues that surround social media, so why isn’t it more involved?

Today, social media is being used in every aspect of business, from the Boardroom right through to the delivery of customer service. By its very nature, social media is a collective responsibility. Not surprisingly, its reliance on ‘collaboration’ has in some instances manifested itself as ‘sharing’ responsibility for posting of content… and even the sharing of passwords!

New rules now apply

I once overheard a social media officer quite gleefully boasting the fact that they had the Twitter login to hand for their company chairman. When challenged, the officer admitted that he was ‘The Chosen One’. If he was off sick that was it – no tweets or updates! Worse still, if he left the organisation he had the power to bring the place down tweet by tweet.

This is the stuff that would have kept me awake at night as an IT director, yet in a world powered by social engagement new rules seem to apply.

Marc Harris: CTO at CrowdControlHQ

Marc Harris: CTO at CrowdControlHQ

Recent research also reported that a scarily large number of employees still use the dreaded Post-It note to record their login usernames and passwords, stuck to walls, desks and even the computer screen. Apparently, we’re not coping well with the need to access everything online from social media to our weekly shop and fear our mobile devices could be pinched. We’re reverting to pen and paper, it seems.

This practice can only end in tears. There have now been too many examples of ‘rogue’ tweets, no audit trail of who posted them (or why) and organisations – who, frankly, should have known better – being left rosy cheeked, so why is this practice still so rife?

Why would an employee, with their job on the line, ‘fess up’ when they know that at least 15 other people had access to the account that day?

I also believe that few IT Departments have a handle on the number of users across their ‘official’ social media accounts, let alone a log of which password protocol they are using, how they are accessing the site or posting.

Need to look both ways

We cannot just blame the employees. Even organisations with the most robust and celebrated IT protocols let themselves down when it comes to simple issues such as data storage. I suspect very few IT directors are crystal clear about where their marketing communications teams are storing their social media campaigns, let alone harbour an understanding of the conversations from the past that they may need to reference in the future or where they keep their notes about their customers linked to these campaigns.

I would hazard a guess that many IT Departments are breaking their own compliance and governance issues when it comes to social media.

Today, there’s no need to share passwords. The social media ‘savvy’ have cottoned on to tiered password access, with both the IT and Marketing Departments having an ‘on/off’ switch to give them instant control in times of crisis. If IT is involved in the installation of a Social Media Management Solution (SMMS) they can see exactly who is plugged into the system, where accountability lies and who they need to train and develop to uphold the security protocols needed in order to keep an organisation’s reputation intact.

Within the scope of most IT budgets a SMMS will be a drop in the ocean but will address these major issues. Any smart IT director will already be looking at a SMMS if there isn’t already one in place. Such a system gives control back to the organisation. All passwords are held in one place such that accounts are not owned by individuals but by the company. The right system gives an organisation the ability to moderate content at a senior level. In turn, the risk of misuse or mistakes can be eradicated.

A SMMS also takes care of the practical management issues. I fear that some organisations are taking a step backwards in terms of their technological evolution, reverting to time-wasting, ineffective manual processing of social media (eg multiple logins to different social media platforms rather than using readily available tools for automation and effectiveness).

The message is clear. IT directors ignore social media at their peril. When it comes to corporate social engagement, it’s time for them to wake up, check and challenge.

Leave a comment

Filed under Risk UK News

Home Secretary Theresa May introduces Counter-Terrorism and Security Bill

Home Secretary Theresa May has introduced “urgently-needed legislation” which will give the UK some of the toughest powers in the world to tackle the increasing threat from international terrorism.

According to the Home Office, the all-new Counter-Terrorism and Security Bill will bolster the UK’s already considerable armoury of powers to disrupt the ability of people to travel abroad to fight, reduce the risks they pose on their return and combat the underlying ideology that feeds, supports and sanctions terrorism.

The collapse of Syria, the emergence of ISIL and ongoing instability in Iraq present significant dangers not just in the Middle East but also in Britain and across the West. Many of the 500 British citizens who have travelled to Syria and Iraq have joined terrorist organisations alongside foreign fighters from Europe and further afield.

Home Secretary Theresa May MP

Home Secretary Theresa May MP

The Bill, which will be enacted at the earliest opportunity, will disrupt those intending to travel by:

*Providing the police with a temporary power to seize a passport at the border from individuals of concern

*Creating a Temporary Exclusion Order that will control the return to the UK of a British citizen suspected of involvement in terrorist activity abroad

*Enhancing the UK’s border security by toughening transport security arrangements around passenger data, ‘No fly’ lists and screening measures

Enhancement of existing terrorism prevention and investigation measures

To deal with those returning to or already in the UK, the Government is:

*Enhancing existing terrorism prevention and investigation measures, including the introduction of stronger locational constraints and a power requiring individuals to attend meetings with the authorities as part of their ongoing management

To support those at serious risk of succumbing to radicalisation, the Government is:

*Creating a general duty on a range of bodies to prevent people from being drawn into terrorism

*Putting Channel – the voluntary programme for people at risk of radicalisation – on a statutory basis

To help disrupt the wider activities of these terrorist organisations, the Bill is:

*Enhancing vital investigative powers by requiring communications service providers to retain additional information in order to attribute an Internet Protocol address to a specific individual

*Amending existing law to ensure that UK-based insurance firms cannot reimburse the payment of terrorist ransoms

Use of these powers – which are consistent with all of the UK’s existing international legal obligations – will be subject to stringent safeguards. These include appropriate legal thresholds, judicial oversight of certain measures and a power to create a Privacy and Civil Liberties Board designed to support the work of David Anderson QC, the current Independent Reviewer of Terrorism Legislation.

Removal of terrorism-related material

The Bill will sit alongside the existing range of tools already used extensively to combat the terrorist threat, including powers to withdraw the passports of British citizens, bar foreign nationals from re-entering the UK and strip British citizenship from those who have dual nationality.

The Government is also working with the Internet industry to remove terrorist material hosted in the UK or overseas. Since February 2010, the Counter-Terrorism Internet Referral Unit has taken down more than 65,000 pieces of unlawful terrorist-related content.

Speaking about the new Bill, Home Secretary Theresa May said: “We’re in the middle of a generational struggle against a deadly terrorist ideology. These powers are essential to keep up with the very serious and rapidly changing threats we face. In an open and free society, we can never entirely eliminate the threat from terrorism but we must do everything possible in line with our shared values to reduce the risks posed by our enemies.”

The Home Secretary added: “This Bill includes a considered and targeted set of proposals that will help to keep us safe at a time of very significant danger by ensuring we have the powers we need to defend ourselves.”

Shami Chakrabarti: director of Liberty

Shami Chakrabarti: director of Liberty

Responding to the Home Secretary’s announcement that the Counter-Terrorism and Security Bill will oblige Internet Service Providers (ISPs) to retain information linking IP addresses with individual users, Liberty’s director Shami Chakrabarti commented: “There’s no problem with the targeted investigation of terrorist suspects, including where required the linking of apparently anonymous communications to a particular person. However, every Government proposal of the last so many years has been about blanket sur‎veillance of the entire population. The Snowden revelations demonstrate that they were even prepared to act outside the law and without Parliamentary consent. Forgive us if we look for the devil in the detail of this new Bill.”

Big Brother Watch director Emma Carr added: “There are key issues to be addressed with these IP-based proposals. For example, there are questions over whether or not this will be technically feasible. Proper safeguards must be introduced to ensure that these techniques are used transparently, that there’s a proper level of authorisation and that the oversight and redress mechanisms can function effectively. Also, if such a measure is introduced, time should then be allowed to ensure that its effectiveness in relation to law enforcement investigations can be evaluated with due care and transparency.”

Disruption of terrorist attacks

The National Policing Lead for Counter-Terrorism is Assistant Commissioner Mark Rowley of the Metropolitan Police Service. As far as he’s concerned, countering terrorism has for too long been thought of as the sole preserve of the police service, the security agencies and the Government.

Rowley is calling for people and businesses to be prepared to play their part in keeping the country safe. He said: “The danger posed by violent extremists has evolved. They are no longer a problem solely stemming from countries like Iraq and Afghanistan, far away in the minds of the public. Now, they are home-grown in our communities, radicalised by images and messages they read on social media and prepared to kill for their cause. The tragic murder of Lee Rigby last year was a stark warning to us all about how real and local the threat really is.”

Rowley continued: “Police officers and our partners are continuing to work 24 hours a day, seven days a week to protect the UK from a terrorist attack. So far this year we’ve disrupted several attack plots and made 271 arrests following counter-terrorism investigations, but the eyes and ears of law enforcement and other agencies alone cannot combat the threat.”

The UK’s counter-terrorism strategy CONTEST focuses on four key areas: Pursue, Prevent, Protect and Prepare. Most of the publicity around terrorism is based on Pursue and Prevent, as these involve arrests, the disrupting of actual attack plots and turning people away from extremism.

AC Rowley is keen to stress that everyone can be doing more to Protect and Prepare, ensuring security in crowded places, the monitoring of our borders and being ready to respond to a terrorist attack.

“We don’t want to scare people, but we do want them to understand the threat and be vigilant to things that are out of place or suspicious and report it to the police. We need businesses to check that their security measures are effective and train their staff to detect potential threats and, if necessary, respond to an attack.”

Metropolitan Police Service Assistant Commissioner Mark Rowley

Metropolitan Police Service Assistant Commissioner Mark Rowley

AC Rowley also stated: “Experience shows us that terrorists target busy, well-populated places to ensure that attacks have a maximum impact. Businesses, particularly those in crowded places, have an invaluable role to play in our fight against terrorists, violent extremists and other criminals. Their staff are often the first people to spot signs that something is wrong.”

The police regularly hold security events with businesses, and the Metropolitan Police Service alone gave 29 presentations during 2013 and 2014.

Since the UK terror threat level increased on 29 August, reports of suspicious behaviour have nearly doubled. This is a direct result of reporting by members of the public, and every one of those reports is investigated.

However, AC Rowley wants more members of the public to have confidence in reporting their suspicions. “Please tell us if you know or suspect something,” he urged. “Your information could save lives. We will deal carefully with all of the information passed to us and respond sensitively and proportionately.”

*The Counter-Terrorism and Security Bill is the seventh major counter-terrorism law introduced in Britain since 9/11. The Bill can be accessed here

Leave a comment

Filed under Risk UK News

Lynn Watts-Plumpkin appointed director and general manager at IQ Verify

The IQ Group – which encompasses Industry Qualifications and the Institute of Administrative Management – has announced the appointment of Lynn Watts-Plumpkin to lead the development of its new certification body entitled IQ Verify.

IQ Verify will specialise in the certification of management systems, products and services, and is in the final stages of UKAS accreditation to ISO 17021 and ISO 17065. This development will allow the IQ Group to provide both individual certification through its awarding organisation as well as organisational certification through IQ Verify. It will be the first multi-sector organisation in the UK with this capability.

Lynn Watts-Plumpkin, whose background includes significant roles at both the NSI and the SSAIB, said: “I’m delighted to be joining the IQ Group at this time, and am excited by the opportunity to lead a new certification body. IQ Verify will be distinct in its offering. The focus will be on standards associated with corporate resilience, the investigations sector and PSC-1 within the security industry. We will also be developing inspection schemes for a number of economic sectors and trade bodies. Announcements will be made over the coming months.”

Lynn Watts-Plumpkin: director and general manager at IQ Verify

Lynn Watts-Plumpkin: director and general manager at IQ Verify

Raymond Clarke, CEO of the IQ Group, said: “We’re delighted to have been able to attract a person of Lynn’s experience and ability to IQ Verify at a very important time in its development. We’ve been working towards UKAS accreditation for a year now, and have conducted a range of trial assessments in advance of UKAS approval to positive acclaim.”

Clarke added: “IQ Verify will be operational from Monday 1 December, offering inspections to BS 102000 (Investigative Services), ISO 27001 (Data Security), ISO 31000 (Risk Management) and ISO 22301 (Business Continuity). We will be offering PSC-1 and ISO 9001 from January, by which time we expect to have obtained full UKAS accreditation.”

*For further information on the work of Industry Qualifications visit: http://www.industryqualifications.org.uk/

Leave a comment

Filed under Risk UK News